01 Nov
Here’s your weekly #databreach news roundup:
Twilio, General Electric (GE), Amazon Prime, Thomson Reuters, Australian Clinical Labs, Bed Bath & Beyond, See Tickets, and Bank Mitra.
Twilio
U.S. messaging giant Twilio confirmed it was hit by a second #databreach in June that saw cybercriminals access customer contact information. @CarlyPage_ @TechCrunch https://t.co/0FWpB0XWe5
— DevaOnBreaches (@DevaOnBreaches) October 28, 2022
U.S. messaging giant Twilio confirmed it was hit by a second breach in June that saw cybercriminals access customer contact information.
Confirmation of the second breach — carried out by the same “0ktapus” hackers that compromised Twilio again in August — was buried in an update to a lengthy incident report that Twilio concluded on Thursday.
Twilio said the “brief security incident,” which occurred on June 29, saw the same attackers socially engineer an employee through voice phishing, a tactic whereby hackers make fraudulent phone calls impersonating the company’s IT department in an effort to trick employees into handing over sensitive information. In this case, the Twilio employee provided their corporate credentials, enabling the attacker to access customer contact information for a “limited number” of customers.
Read more at : https://techcrunch.com/2022/10/28/twilio-june-data-breach/
General Electric (GE)
GE has disclosed that the third-party #databreach occurred between February 3 and 14 of this year.
— DevaOnBreaches (@DevaOnBreaches) October 28, 2022
Exposed data includes tax forms containing social security numbers, scans of birth certificates and passports, and photos of driver’s licenses.https://t.co/kBEAT2ZuEO
The Fortune 500 electronics conglomerate has disclosed that the third party data breach occurred between February 3 and 14 of this year. The company did not become aware of the breach until February 28.
The unknown party gained access to the workflow routing service of Canon BPS, a subdivision of the camera giant that specializes in handling outsourced human resources tasks such as document processing and accounts payable.
Amazon Prime
Security researcher Anurag Sen found a database packed with Amazon Prime viewing habits stored on an internal Amazon server that was accessible from the internet with no restriction. #dataleak @zackwhittaker https://t.co/E2yRmdKc9k
— DevaOnBreaches (@DevaOnBreaches) October 28, 2022
Security researcher Anurag Sen found a database packed with Amazon Prime viewing habits stored on an internal Amazon server that was accessible from the internet. But because the database was not protected with a password, the data within could be accessed by anyone with a web browser just by knowing its IP address.
The Elasticsearch database — named “Sauron” (make of that what you will) — contained about 215 million entries of pseudonymized viewing data, such as the name of the show or movie that is being streamed, what device it was streamed on, and other internal data, like the network quality and details about their subscription, such as if they are a Amazon Prime customer.
Thomson Reuters
Thomson Reuters, a multinational media conglomerate, left an open database with sensitive customer and corporate data, including third-party server passwords in plaintext format. #dataleak @MrVilius @CyberNewshttps://t.co/yTWk3PrnmG
— DevaOnBreaches (@DevaOnBreaches) October 28, 2022
The Cybernews research team found that Thomson Reuters left at least three of its databases accessible for anyone to look at. One of the open instances, the 3TB public-facing ElasticSearch database, contains a trove of sensitive, up-to-date information from across the company’s platforms. The company recognized the issue and fixed it immediately.
Thomson Reuters provides customers with products such as the business-to-business media tool Reuters Connect, legal research service and database Westlaw, the tax automation system ONESOURCE, online research suite of editorial and source materials Checkpoint, and other tools.
The size of the open database the team discovered corresponds with the company using ElasticSearch, a data storage favored by enterprises dealing with extensive, constantly updated volumes of data.
Australian Clinical Labs
Australian Clinical Labs (ACL) has disclosed a February 2022 #databreach that impacted its Medlab Pathology business, exposing the medical records and other sensitive information of 223,000 people. @billtoulas @BleepinComputer https://t.co/OvQLjxjKwO
— DevaOnBreaches (@DevaOnBreaches) October 28, 2022
Australian Clinical Labs (ACL) has disclosed a February 2022 data breach that impacted its Medlab Pathology business, exposing the medical records and other sensitive information of 223,000 people.
ACL is an Australian healthcare company that operates 89 laboratories and performs six million tests annually, offering its services to 92 private and public hospitals across Australia.
While the firm says it’s not aware of any misuse of the stolen information, it is notifying all impacted clients individually of what data was exposed in the attack.
Bed Bath & Beyond
Bed Bath & Beyond Inc (BBBY.O) said on Friday a third party had this month improperly accessed its data through a phishing scam by accessing the hard drive and certain shared drives of one of its employees. #databreach https://t.co/2wRbUkV9QW
— DevaOnBreaches (@DevaOnBreaches) October 28, 2022
Bed Bath & Beyond Inc (BBBY.O) said on Friday a third party had this month improperly accessed its data through a phishing scam by accessing the hard drive and certain shared drives of one of its employees.
The big-box retailer said it was reviewing the data that was accessed so it can determine whether the drives contained any sensitive or personally identifiable information.
The home goods retailer added it has no reason to believe that any sensitive or personally identifiable information was accessed and this cybersecurity incident would likely not have a material impact on the company.
Bank Mitra
As per the sources, this breach was discovered on 23rd October 2022 where more than 750K records have been compromised including the Name, Bank name, Phone number, and Pan number of multiple partner banks of the scheme website Bank Mitra. #databreachhttps://t.co/04Cat3eQ5d
— DevaOnBreaches (@DevaOnBreaches) October 26, 2022
Recently a threat actor was discovered who is advertising the data belonging to the Bank Mitra scheme of the Common service center scheme of the Indian government website. The objective of the Common service center (CSC) is to deliver essential public utility services, social welfare schemes, healthcare, education, healthcare, and financial services to Indian citizens. The role of the Bank Mitra scheme is to cater to financial services under CSC.
As per the sources, this breach was discovered on 23rd October 2022 where more than 750K records have been compromised including the Name, Bank name, Phone number, and Pan number of multiple partner banks of the scheme website Bank Mitra. As per the threat actor, the data was compromised from the domain of the Bank Mitra ID card page which the partners use to download ID cards.
See Tickets
See Tickets has just admitted to a major #databreach and the breach lasted more than two-and-a-half years before it was spotted.https://t.co/BBD4CANDuy
— DevaOnBreaches (@DevaOnBreaches) October 26, 2022
See Tickets is a major global player in the online event ticketing business: they’ll sell you tickets to festivals, theatre shows, concerts, clubs, gigs and much more.
The company has just admitted to a major data breach that shares at least one characteristic with the amplifiers favoured by notorious rock performers Spinal Tap: “the numbers all go to 11, right across the board.”
According to the email template that See Tickets used to generate the mailshot that went to customers (thanks to Phil Muncaster of Infosecurity Magazine for a link to the Montana Department of Justice website for an official copy), the breach, its discovery, its investigation and remediation (which are still not finished, so this one might yet go all the way to 12) unfolded.
